package auctionhaus

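/**
 * Grails filter that enforces login and admin checks on every controller
 * except {@code login} (the filter is declared with {@code invert: true}).
 *
 * Decision order in the {@code before} interceptor:
 *  1. An explicitly allowlisted public action passes with no session.
 *  2. A logged-in, non-admin customer asking for any other action on the
 *     {@code customer} controller is redirected to the listing list.
 *  3. Any remaining request without {@code session.customer} is redirected
 *     to the login page.
 *
 * Returning {@code false} from {@code before} stops the request; any other
 * return value lets it continue to the controller.
 */
class AuthFilters {

    def filters = {
        // Public (no-session) actions, keyed by controller name. This is an exact
        // allowlist: the previous implementation used
        // request.requestURI.contains(...) on the raw URI, so any request whose URI
        // merely contained one of the fragments skipped every check below. Matching
        // on the controller/action Grails resolved for the request removes that
        // ambiguity and fails closed for anything not listed.
        // NOTE(review): actions that were only public through a prefix match on
        // 'listing/list', 'listing/show', etc. now require a login; add them here
        // explicitly if that was intended. Also confirm that forms posting to
        // customer/save reach this filter with actionName == 'save'.
        final Map<String, List<String>> publicActions = [
                listing : ['list', 'getLatestBids', 'show', 'isExpired'],
                customer: ['create', 'save']
        ]

        Authentication(controller: 'login', invert: true) {
            before = {
                // Null-safe lookup: an unknown controller or a null actionName
                // (default action) yields a falsy result and is never public.
                if (publicActions[controllerName]?.contains(actionName)) {
                    return
                }

                // Customer management is admin-only for logged-in users.
                if (controllerName == 'customer' && session.customer && !session.customer.isAdmin) {
                    redirect(controller: "listing", action: "list")
                    return false
                }

                // Everything else requires an authenticated customer in the session.
                if (!session.customer) {
                    redirect(controller: "login", action: "login")
                    return false
                }
            }
        }
    }
}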
